7 matches found
EUVD-2021-18882
Malware in sbrugna...
CVE-2021-32015
In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated malicious user with high privileges could potentially gain unauthorized access to TPM non-volatile memory. NOTE: Upgrading to firmware version 7.4.0.1 will mitigate against the vulnerability, but version 7.4.0.1 is not TCG or Comm...
CVE-2020-25082
An attacker with physical access to Nuvoton Trusted Platform Module NPCT75x 7.2.x before 7.2.2.0 could extract an Elliptic Curve Cryptography (ECC) private key via a side-channel attack against ECDSA, because of an Observable Timing Discrepancy...
CVE-2020-25082
CVE-2020-25082 concerns Nuvoton NPCT75x TPMs where an attacker with physical access could extract an ECC private key via a side-channel timing discrepancy in ECDSA. Affected products are NPCT75x with firmware series 7.2.x prior to 7.2.2.0. The vulnerability arises from observable timing differenc...
Nuvoton NPCT75x Information Disclosure Vulnerability
Nuvoton NPCT75x is a series of Trusted Platform Module products from Nuvoton Japan. An information disclosure vulnerability exists in Nuvoton NPCT75x, which could allow an attacker to extract elliptic curve private keys by launching a side-channel attack against ECDSA. The following products and...
Design/Logic Flaw
In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated malicious user with high privileges could potentially gain unauthorized access to TPM non-volatile memory. NOTE: Upgrading to firmware version 7.4.0.1 will mitigate against the vulnerability, but version 7.4.0.1 is not TCG or Comm...
CVE-2021-32015
Summary: CVE-2021-32015 affects Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0. A locally authenticated, high-privilege attacker could gain unauthorized access to TPM non-volatile memory. Impact: local compromise of TPM NVRAM. Mitigation: update to firmware 7.4.0.1 (note: not TCG/CC certified). Vendors...